Posted
by
timothy
on Friday August 07, 2009 @03:50AM
from the but-it's-secure-says-so-right-on-the-label dept.

Death Metal writes with this excerpt from Computer Weekly, which casts some doubt on the security of the UK's proposed personal identification credential: "The prospective national ID card was broken and cloned in 12 minutes, the Daily Mail revealed this morning. The newspaper hired computer expert Adam Laurie to test the security that protects the information embedded in the chip on the card. Using a Nokia mobile phone and a laptop computer, Laurie was able to copy the data on a card that is being issued to foreign nationals in minutes."

And the government expert witness, on the goverment's payroll of course, will say the ID is nearly infallible and you'll end up in jail. We send people to death row on little more than unreliable eye witness testimony, why do you think anyone gives a damn how many people may have copies of your ID?

And the government expert witness, on the goverment's payroll of course, will say the ID is nearly infallible and you'll end up in jail.

I think this is symptomatic of the biggest single problem with so many government powers.

Things will inevitably go wrong in any system as large and complicated as running a national government. This will be true even if everyone tries to be diligent and acts with nothing but good intentions. There is no point either pretending that this won't happen or pretending that it would be better if we dropped all government systems that could possibly cause such problems no matter how much good they might otherwise do.

However, there should always be a system in place that allows mistakes to be detected and put right quickly, and without making things any worse for the unlucky victim. This is particularly true in cases of mistaken identity or other factual errors, where the consequences might be anything from financial loss such as being denied benefits or overtaxed, through loss of reputation and all the damage to relationships and career that might entail, right through to violent arrest and detention (or worse).

As a declaration of interest, I am particularly sceptical about any claims relating to ID, because I was once overtaxed significantly due to a case of mistaken identity at a government tax office. It was bad enough that I was left short of money to pay my rent without warning, but even worse that it took nearly three months and a huge amount of effort on my part to get it put right, and I never received so much as a real apology or full explanation afterwards. I can forgive a data entry error by someone who's probably earning near the minimum wage and typing hundreds or thousands of these numbers every day. I can't forgive a system that damages me for months afterwards because it can't acknowledge that it made a mistake.

No, the justice system is stacked in favor of the largest entity involved, regardless of whether or not it's in the state's interest. Didn't you notice that "victimless crimes" don't go punished when millions of people lose their life's savings as a result of a single individual, but/do/ go punished when someone may have lost a single DVD sale?

In this particular instance, it's not so easy to go with the cynicism. If this hack is really that easy, you should be able to come up with a security expert willing to counter than government security expert.

EXTRA points, if you clone the Judge's ID while in the courtroom and buy 100 black 12" dildos in his/her name and produce the receipt.

It's not really that difficult to show your ID was cloned. It isn't like it doesn't happen today with current IDs. Illegal aliens are doing it, underage drinkers do it (often on college campuses), and people purpetrating ID theft do it.

Where the problem is going to be is when the person has some sort of motive and opportunity to commit whatever crime is in question. Most often the ID evidence will have a witness saying it was in fact you and in some cases there will be video or photographic evidence to coll

Well I think we are mostly in agreement. What you are talking about is corroborating evidence, motive, and intent. I do agree when there is an eyewitness that states it was you that provided the ID during the criminal act, it becomes very difficult to argue about the ID at that point.

The original poster, much farther up the thread, was basically stating, "prove it". Eye witnesses help do that. Any type of corroborating evidence is going to help to do that.

The trick is to prove that the judge is as guilty as the defendant. There was a case some years ago involving alleged cocaine cash seized at an airport under RICO where the prosecution sought to use as evidence the fact that the money carried by the defendant was contaminated with traces of cocaine. The defense lawyer asked for some cash from the wallet of the judge and tested it right there in the courtroom for cocaine traces. Sure enough, the judge's cash also showed traces of cocaine. The prosecutor's ev

Actually, you are incorrect. There are court cases saying you have to present ID if demanded by a cop.

The cop was responding to a possible house break in. He had to "cross the threshold" to verify this, and he had to verify the person he was talking to was the actual owner. If they believe that a crime is/has occured, there are lower thresholds to entering a possible crime scene. Their job, at that point, is to verify that a crime hasn't occured, and hold anyone who may have committed the crime.

It wasn't an anonymous tip. The woman who made the call has been harassed and ridiculed for the call. I don't see how that's an anonymous tip.

I'll throw in that the professor shouldn't have started by showing the cop his college ID. That doesn't verify that you live at the house, and not everyone knows all the professors at a school.

No, you don't. You have to identify yourself if asked, but you DO NOT HAVE TO PRODUCE ID [knowmyrights.org]. If the cop says "Show me some ID" it's perfectly legal and appropriate to say "I'm Pitabred. I don't need to show you any ID."

The grandparent poster was correct, and your correction scares the hell out of me. Learn your rights. Use them. Or you lose them.

Yeah...uh huh. You haven't actually had to deal with the cops, have you? You see they have this little thing called "disorderly conduct" that pretty much means whatever the fuck they want it to mean that day. Don't show ID? Well he was being 'disorderly" so we had to haul him in, where of course we ran his prints and found out who he was.

Trust this old greybeard son, you don't get phrases like DWB (driving while black) or testilying integrated into the language by actually having cops give a shit about the constitution. I have traveled all over the south, and talked to many that go cross country pretty much constantly and our findings match. For every 1 decent cop you got about a half dozen "bullies with badges" that are just DYING for you to give them even the flimsiest excuse to seriously fuck with you.

I had a friend that was a long time cop take early retirement just to get away from all of his fellow cops. He said the new recruits were more like gangbangers than cops and pretty much spent their days looking to "stir up some shit", his words. So you go right ahead and tell that 220 pound steroid monster with a badge who thinks he IS the law how you know your rights and refuse to show ID and see how quick you are in the back of that patrol car. Lets just hope he doesn't decide you are "resisting arrest" while he is at it. Look up "tuning up" a suspect if you don't get the reference.

The professor should have done so, and thanked the officer for being so quick to protect his residence. But no. The professor had to dish out attitude, and he got what he deserved because of it.

It's thoroughly depressing to see in our society the authoritarian outlook that someone deserves to be arrested for giving "attitude", in his own home no less. The officer's job is to protect and serve. As two police chiefs interviewed on NPR stated, an officer in that situation should be attempting to get done w

I agree that we can't fold to every whim of the police and let them abuse our rights, but...

A lady saw a guy breaking in a door and called the cops; the guy owned the house, so he had a right to do so. But a reasonable person would also understand that if you just broke into your house, there is a chance a neighbor called the cops. That happened and all he had to do was show his ID so the cop could verify it was his house. When he didn't do that, the cop had a duty to all land owners to detain him unt

I'm not debating whether the cop should have showed up to check out the call, nor whether he should have tried to verify that Gates was the homeowner. Since we have conflicting information about what happened, it's pointless to argue over whether Gates was acting reasonably. However, to the best of my knowledge (note, I haven't followed this story closely) both people agree that a) Gates eventually showed ID that satisfied the officer that he was the homeowner, and b) Gates did not attempt to physically

I don't get why people think they're "forced" to pay taxes. Taxes are simply the fee for receiving a service (or rather, a set of services) which is provided by the government. If you don't pay the fee, you shouldn't receive the service; that's how paid services work.

Now, sure, the government can throw you in jail if you don't pay your taxes. But even then, you're still receiving services you haven't paid for - you're getting free food, free cable TV, free room and board, and so on.

You're allowed to buy alcohol from 18 in the UK, but they're now asking for ID if you look under 25. Also, my 35 year old sister-in-law has been asked for ID several times in Colorado, USA (where she lives). It's not just the young 'uns who need ID;)

Apparently (i.e. I read on the net, so not very reliable), some shops have a policy of ID every Nth customer, regardless of appearance. Which got a 75-year-old irate when he was refused service because he wasn't carrying ID.

I think there are two things of note. First the article is in the Daily Mail which has a populist agenda usually veering alarmingly to the right. They have jumped on the anti-id bandwagon so maybe this article should be taken with a pinch of salt. Secondly if it is true it raises some interesting points. Who did the UK Government get to test the security on these cards? How do you respond to such a public relations disaster? How to you tally lax security with bullet proof identification and if this is not possible what plausible reason is there for rolling these things out nationally? I would be very interested to get a Government spokesmen on Question Time squirming to reply to those questions, because they are essentially unanswerable whilst still clinging to the existing policy. And too much money has been spent for this Government to change it now . . .

Anti-ID card people, not just the "right wing" (ohnoes!) Daily Mail, always said that something like this was inevitable regardless of the effort put into securing the cards. The Government always brushed their concerns aside while expanding the list of people who would have access to the National ID Register.

If you got a Government spokesman on Question Time, and you were able to get into QT to ask an awkward question, then he would be as evasive as they have always been. Probably he'd just try to distract attention from the real issues. But the point is moot because all QT questions are vetted. The BBC wouldn't want to put the Government on the spot.

it's always the same problem. as soon as you start using an identification device as an authentication device, you're screwed, as identity thefts all over the world could concentrate on a convenient and small target. too much incentive on cracking the card for it to work.

BBC is no more going to criticize the government's ideas, than would PBS criticize the Congress.

I'm guessing you live outside the UK. The BBC has a long and well documented history of complaints from all factions of UK Government. Google "Jeremy Paxman" or "Robin Day" to discover how political interviews should be conducted. Programmes like "Newsnight" and "Panorama" frequently run stories that are highly critical of government policy.

My evidence would be the questions that are NOT asked on Question Time!

Politicians get an undeservedly easy ride on this and all BBC news programmes. The purpose of these programmes to give the impression of independence, giving the Ministers a hard time. This is created by disagreeing with the Government on minor issues. The hope is that the British people will believe that the BBC is on their side when something really important comes up.

They got quite a competent group of people, as is the policy of the current government. These people issued a report that the cards were insecure and did not solve any problems that actually existed (they actually made some quite interesting recommendations about the problems related to ID that the government could try to solve). Also in keeping with the government's policy (see also: Gower's Report) this advice was completely disregarded. Fortunately, the recent set of expenses scandals kicked the most vocal advocates of the ID card out of the cabinet.

Also in keeping with the government's policy (see also: Gower's Report) this advice was completely disregarded.

For those who don't know, the Gower's report was on intellectual property policy.

I wish the U.S. did something similar - getting together an independent panel of experts, not hand-picked bureaucrats, to look in-depth at important issues. And of course, actually act in keeping with the reports. Another UK report of interest to slashdot - the Byron Report, which looked at the effects of video games and the Internet on children. Quite even-handed, and makes notes about how there is a "polarisation of research

He then created a cloned card, and with help from another technology expert, changed all the data on the new card. This included the physical details of the bearer, name, fingerprints and other information.

He then rewrote data on the card, reversing the bearer's status from "not entitled to benefits" to "entitled to benefits".

He then added fresh content that would be visible to any police officer or security official who scanned the card, saying, "I am a terro

Is there a country in the World that has an ID card system that can't be forged/cloned??? Although I object to the idea of a national ID card what has me really worried is the amount of info they are talking about putting on it. I don't really want my entire medical history + NI number stored on a chip that can be hacked from 20 feetaway If you think ID theft is bad now just wait until these things come out.

I think unforgeable ID is up there with Perpetual Motion Machines on the list of impossible. Just as good (and expensive) engineering can make machines that will run for a long time. good (and expensive) engineering can make the cost of forgery high, This is the way money is protected from forgery: the cost of the machinery to make it is very high. This is no problem for the Mint, which amortizes it of millions of banknotes. But for criminals, it means the number of notes they have to circulate before getti

Of course it can be copied. However if I try to show YOUR ID card "as is", to a guard it might not work - he might realize that I look a bit different from you.

If the ID contains a digital store of your photo and other biometrics on it that is digitally _signed_, even though it can be copied it'll be much harder to tamper with it. And you can only create a new ID if you can sign it with a valid signature.

Of course in the real world, the _printed_ photo might be all the guards check.

Also in the real world, creating fake IDs might not be that hard - you might be able to bribe/trick someone to create a new legit ID for you, or steal/borrow the signing machines + keys (or the backup certs+keys).

BUT, once they realize what has happened, they can revoke your certs (and maybe even those who were responsible for helping you). While this sort of thing might not be that effective against suicidal terrorists, it works well for oppressing your own citizens.

If they start tying these IDs to travel and payment, then it works even better for keeping the sheep in line...

If you'd RTFA, you'd see that he also changed a ton of information as well, and created a fake ID with the modified information; including a line that said, "I am a terrorist, please shoot me on sight."

IOW, there's no security, signing, encryption, anything at all (or if there is it's so broken that it might as well not be there). The fact that it's computerized makes it easier to fake out rather than harder, and simultaneously gives the illusion of being more reliable rather than less. It's bad all around.

In fact, the Daily Mail article says they used Jeroen van Beek's method of loading the card with data - however, the Wired article claims this is not actually what happens:

Unfortunately, a number of people have interpreted the Times story to mean that van Beek altered the data on a legitimate passport chip without it being detected. Englandâ(TM)s Home Office is among those who read it this way. The Office recently responded to the story by denying that anyone can change data on a passport chip without it being detected.

That's nice. Since I am not a UK citizen, I think it is good for me if they continue to use such a broken system.

Because if my country becomes even crappier, it might make it easier for me to move to the UK, and get an ID that's "Entitled to benefits":).

Seriously though, I was just talking about the proper way of doing things, and how even the proper way won't work that well against the evil terrorists (which is what is often used as an excuse to introduce such systems).

The DRM thinking: "I know, lets give people the lock and the key and hope they don't break it"The "cram stuff on a smart chip" thinking: "I know, lets give people all of the data that we wrote there in some way and assume that they can't change it"

So much for "never trust a user's input" (which should cover anything that the user has access to).

You'd have thought that some kind of checksum on top of the data might have helped a bit. At least then you need a large stash of valid cards to revers

Yes, DRM is different to ID, but they're making what appears to be a very similar mistake by assuming that they can give all of their important information to a user (e.g. lock and key or biometrics etc) and assuming that nothing bad can happen with it.

The best idea with keeping information secure is to not give it away, but the ID cards don't seem to follow that idea in the slightest.

Here in Portugal we've had ID cards since the 19th century. We were pioneers in the usage of smart cards as ID cards, together with Belgium and Finland.

While our old paper ID cards were easily falsifiable, the new smart card is virtually impossible to falsify. It has a lot of physical security measures, a few holograms, engravings, etc. As to the chip, all the data in the chip is digitally signed by the government. The RSA private keys inside are generated by the card during personalisation, and are not extractable. I dare you try to create a false one. The British card seems to be a cheap piece of shit.

Anyway, what's all the fuss about ID cards? What do you use to identify yourself? Social Security card? Driver's license? How hard it is to forge one of these?

It isn't the physical card. I couldn't give a rats ass about the card (Other than it's a cheap piece of shit, as you point out). It's the gigantic, interlinked database that will go with the card, which will track everything I do, and be accessible by almost every public worker you can imagine.

You missed checking your post for accuracy. You don't need an NI number to apply for a British passport. I don't think you need one to open a UK bank account, although I haven't done that for several years so I'm not 100% sure: if you do then it's only to pay taxes. You don't need one to apply for a job, although if you get the job you will need to obtain one, if you don't have one, and supply it so that they can pay taxes. You don't need one for hospital treatment - there is an NHS number, but that's admin

So, that is a problem with central information systems, it has nothing to do with ID or cards. The government can track everything you do without any ID cards, they will simply use other data, like SS number, simply your name, or even credit card.

In Portugal, we have an interesting system. It's constitutionally illegal to identify someone towards the several state services using a single number. We used to have several cards, for ID, for health care, for social security, for taxes, for voting.

What do you use to identify yourself? Social Security card? Driver's license?

ID tends to be something like a driver's license or passport. Other measures can be used (e.g. by banks) if you don't drive and haven't been on holiday. Similarly the Government in the UK has some fairly simple ID cards for teenagers who want to prove their age to buy alcohol but don't have a driver's license or passport.

How hard it is to forge one of these?

It's not impossible, and it all depends on how hard the passport etc is actually checked, but there are all the normal measures of holograms and watermarks.

Anyway, what's all the fuss about ID cards?

It's generally:

a) the extra crap that the government wants to store on there for no good reasonb) the extra crap that the government wants to store in a database (for probably quite bad reasons)c) the extra expense to get said extra informationd) the fact that the main argument is "do it or teh terrorororoists winz!"e) the fact that so much money has been poured in to them and they're obviously so brokenf) the fact that it'll become enforceable to display your ID, with the next step being "no ID on the spot? that's a crime"

The fuss is not about ID cards per-se, the fuss is about the UK government trying to create yet another tool to spy-upon, track and control UK residents.

CCTV all over the place, 28 days detention without trial (which the government tried to extend to 45), police abuses against peaceful demonstrators, extra-strong anti-libel laws used to silence whistle-blowers, anti-terrorist laws which are mostly used for things which have nothing to do with terrorism, attempts at setting up an infrastructure fo

Although both Vanders and IBBoard are exactly right, security problems are very important, the real problem is the effect on individual liberty.

As citizens, we don't need the state, except to defend borders and keep the peace. But ID cards tell us that we do need the state, and that without it's blessing, we are nobody. The state is still (notionally) our servant, but now it will not help us unless we do as it says.

In a free country, the function of government is not to tell citizens what to do. It is not to control the population, to exercise power against them, to interfere in their lives. ID cards change that and this is why I do not approve of them.

"The real shame is the government has spent billions of our tax dollars without acknowledging this fact. Is it even a British company thats producing the cards? Or are these tax dollars going to another economy?"

What a great comment from the daily mail article.Tax dollars in the UK. Amazing.

If it's digital, exact copies are possible.
If it's digital, because of the convenience, analogue security measures will be taken less seriously.
If it's digital, uninformed politicians will think it cool, and believe in it like some do in 70 virgins.
If it's digital, the process is fast and can be automated, and the threat is increased a million-fold (out of arse, of course) by sheer statistics. We need slow electronics
If it's digital, tampering is undetectable.

Either way, this digitally secure ID thing can only lead to government saying: "Look! We've tried, and you also know that the only way to do this properly is to put you all in a database and track your every move."

Can we perhaps agree on forsaking digital security just because it's cheaper and faster in cases where we don't need it anyway (i.e. when people aren't up to no good)?

What's interesting about technology like this -- such as electronic voting, passports with chips etc -- is that geeks are often against it. Geeks, who generally love technology and gadgetry, are saying no. Maybe the legislators should listen -- assuming that at least some of them actually care.

You're right. Unfortunately they only listen to the geeks they are paying to create systems like this, who are of course saying "yes, we can make an uncrackable security system" and suppressing their sniggers until they've made it out of the room with their fat cheque.

All it takes is theft of a single piece verification hardware, or a single breach of security to extract the private key. This will probably even go unnoticed. And we can't simply give everyone new ID each time an unauthorized person had access to a government computer, can we?

Just like SSL, in a good implementation of ID cards each card is issued its own private and public keys, signed by the root private key (which is kept in secrecy). Then ID card uses this PK to encrypt communications. Verification hardware only needs the root public key to check that the ID card is legit.

Private key is not only stored on the ID cards, I think. Even so, it is not physically impossible to obtain this key, and it must be guaranteed to be secret for years. Given the ratio of perceived security to possible gain, it will be cracked. Or have you not been on the web, the past few years?

Other questions come to mind, of course:
What's the failure rate of the kind of device/system you envision?
What's the backup plan if the private key is leaked, stolen or guessed somewhere in the next decade?

This is the sort of news which I would think the Government would suppress, as it undermines the validity of the card.

Not only does it make the card next to useless for performing any more than basic "You look like the guy on here, so you're that guy" driving-license-type identification, but it also gives "reasonable doubt" to the whole ID card technology.

Now all we need is someone to get these details onto the National ID Database (when constructed, if Labour stay in, which I sincerely hope they don't) a

I work in the smartcard industry and most of the time those "breaks" mean nothing: usually the "hacker" simply reads the publicly available information and claims that the system is "broken". The reaction of the public is always interesting and shows that many users do not understand the goals of such a system, probably because the politicians that buy those systems do not explain them very well.

However in this case the article claims that they were able to clone the card AND modify the information in the cloned card, which is really the hack that those cards are trying to prevent. This article is heavier on details than many others and that makes it more credible, but the details are still muddy. I hope that the journalist missed a crucial point and that this card is not as insecure as he thinks.

Small-scale, private smartcard-based systems can be cracked, usually because they are badly installed and used. Large-scale, private smartcard-based systems can be cracked (just look into the MiFare Classic debacle) but it involves months of hard work from people with PhDs and access to expensive equipement. Large-scale, govermental smartcard-based systems can be cracked, but I would be really surprised if it took only a few minutes. Unless that hacker presents the attack in details, I will file this one in the "baseless fearmongering in order to sell more papers" folder (which is already bursting BTW).

Unless there have been leeps and bounds in smart card technology in the past couple of years I think this is an overstatement. A few years back I made most my money buying blank smart cards, copying the information from the satelite TV smartcards, changing a few places in the hexidecimal coding, and selling full unblocked TV. Of course we would tell the user to remove the cards from the boxes at night when the companys would do system checks that fry any unauthorized cards. And the cost of such equipment, $49.95. Not expensive and on about average, 15 minutes of work. If the UK is using the same format, that would be a real easy "hack".

TV unblocking is relatively simple, they use a (symmetric) master key that is used to derive session keys. These keys need to be in memory because they are required for the decoding, which needs a lot of performance. Also, you can always "share" the smart card between friends, the smart card does not know who is requesting the session keys. These are cheap cards. Or at least, this is how it used to be, I don't keep a close watch on this.

These cards use Passive Authentication making sure that the biometric d

The reaction of the public is always interesting and shows that many users do not understand the goals of such a system, probably because the politicians that buy those systems do not know what they are either.

FTFY. From the politicians' point of view the goal of the system is either a) to protect against every possible threat to individual or national security; or b) to help them keep their seats - depending on how cynical they are.

The logic is simple:If you fight City Hall, you WILL lose.The Govt. is a beast and it will now put this hacker on a terror list, and for good measure add him to the s3x-offender list too.This poor guy will spend ALL his money to fight the Govt. in courts, while the Govt. uses his tax money to fight him.Until he squeals: "If the Govt. does it, then it must be the best.", the Govt. will continue to gag him and all others who criticize it.

My favorite part of this article, was the response by the officials. Excuse us we need time to come up with an excuse, err.. a response to these allegations. We could just say, "Yes we care about the protection of your identity, but first I need to doublecheck the validity of that statement. Thank you."

Storing a simple hash of the card contents with the hardcoded UID of the card and checking if they match when reading a card is enough to prevent any such attack. While you can copy the card and even change contents on it, it will never validate as an authentic card.
Aside from that, smartcards have really gotten quite smart, as far as I know, there are no practical attacks against the newer MiFare cards(most hacks on Desfire or newer systems target the implementation of the system, not the cards themselves).

Whilst this is a failure of some rudimentary security system that was supposed to protect the data stored on the chip, this is anot a cloned card per se.

The chips on these ID cards, and the new UK passports, are there to enhance the integrity of the DOCUMENT, not be secure stand-alone identifiers alone. For instance you can easily copy the data on a chip once the security has been defeated but to accurately copy the paper part of the document including the watermarks, UV sensitive fibres, holograms, raised ink, irridescent coatings, etc. takes a lot of time and effort that most people won't bother with. Some do bother as a lot of bent banknotes will testify to.

These cards like the passports SHOULD when tested/checked be read by a human being who knows how to check the security features (e.g running your fingers over the top of a banknote to check the raised ink), check the details and the photo are correct and do not seem to have been tampered with, then they can check that the data on the chip matches the data printed on the paper/plastic. If they match then there's a very high chance that the card/passport is genuine.

Just checking one portion rather than the other defats the purpose of these designs.

Weak systems will always be exploitable. UK Border Control staff/Police/Home Office drones need to know that that no document is unforgeable and to maintain the integrity of a system requires knowledge and training on the part of those who are attempting to enforce it.

He then created a cloned card, and with help from another technology expert, changed all the data on the new card. This included the physical details of the bearer, name, fingerprints and other information.

Lets hope this puts the final nail in the coffin for this stupid idea.

Oh, no doubt you can clone a new card with modified data. The real question is - can you get it to verify as genuine in Government readers now you've modified it? Unless the Government's really screwed up, the cards should have digital signatures, which means any unauthorised changes to the data will make them invalid. The Daily Mail article not only doesn't do a good job of addressing this issue, it fails to realise how significant an obstacle it is. I bet they only bothered to check the card in unofficial readers that don't verify anything...

Each one of these files is supposed to be protected with a special digital key, so that if anyone attempts to change it, the card would be identifiable as a fake to any official with a digital chip reader.

To get round this hurdle, we recruited the help of another technology expert, Jeroen van Beek, an Amsterdam-based computer consultant who advises many top companies on digital security.

Drawing on the work of renowned New Zealand computer scientist Peter Gutmann, our team was able to alter the contents of e

If they had any sense whatsoever, all that data would be stored on the server and the card would simply have an ID number (and MAYBE a name) programmed into it. The fact that their system simply believes what's on the card and doesn't check a central database to make sure that the card hasn't been tampered with is just plain stupid.

So instead, they should trust the ID number? How is a number pointing to a block of data on a remote server is safer than the block of data itself? That's what credit cards are (

The ID number is safer because at least then you have a prayer of getting reliable data.

If you do have robust end-to-end security then you can see the canonical biometrics for the person in question and validate them with local equipment.

If you rely on something that is entirely under the control of the public, someone will find a way to tamper with it, it is only a question of how long it will take. Once they do, you will have to issue new cards to everyone, which will cost millions and just start the

Actually, TFA is a post on Computer Weekly, who read the Daily Mail so you don't have to.

Using a Nokia mobile phone and a laptop computer, Laurie was able to copy the data on a card that is being issued to foreign nationals in minutes.

He then created a cloned card, and with help from another technology expert, changed all the data on the new card. This included the physical details of the bearer, name, fingerprints and other information.

He then rewrote data on the card, reversing the bearer's status from "not entitled to benefits" to "entitled to benefits".

He then added fresh content that would be visible to any police officer or security official who scanned the card, saying, "I am a terrorist - shoot on sight."

So, no, it is actually pretty bloody scary, as they successfully changed the biometrics of the copy.

TFA says they managed to change the data on the card. It's still not clear if that is enough to make your own card or if it would fool a biometric scanner.

Biometrics are a terrible way to establish identity, which is why banks don't use them. Aside from the ease with which things like fingerprint scanners can be fooled, your biometric data can change (e.g. you burn your finger, loose and eye, get cosmetic surgery). That means there has to be a system for getting your card updated with the new data, and if s

You may be right, but it like shopping for new car, the salesman suggesting this brand new model of unknown manufacturer like it's the best car available, and the rear view mirror falling off before you leave the parking lot for a test drive. The car may run for a couple of blocks, but it does not bode well. Would you buy this car?

I've no grounds for arguing with the facts, and certainly agree with the disgust for these ID cards, but any story in the Mail that touches on "scrounging foreigners damaging our property values and insulting the sacred memory of Princess Di" is not to be trusted.

I thought with the departure of Jacqui smith, this diabolical scheme was being abolished?

Nah, it is being combined with passports. The passport service is now "The UK Identity and Passport Service". The fight against ID cards was always about the National ID Register, Britain's version of the Stasi record system. The NIR is not going anywhere, just being rebranded into a more "acceptable" form.

The whole concept of a secure card is crap unless it verifies against an external DB.

Not necessarily so ; it's definitely possible to have a card system that deliberately eschews a central database entirely, and just rely on digital signatures for security. The difficulty of providing security in such a system would be approximately equivalent, and mostly related to securing the signing keys, but it would be much less costly because of the lack of a need to maintain and administer the central database.

The article doesn't mention whether the edited card created would pass a digital signature